Abusing Password Reuse at Scale: Bcrypt and Beyond
Authors: Sam Croley

Date: August 8 2018
Publication: BSidesLV 2018
Source: Currently no known Internet copy of paper.

Abstract or Summary:
In this talk we will cover a new attack methodology based on the concept of “offline credential stuffing”. This approach makes use of large amounts of correlated data and abuses the commonality of user password reuse to efficiently reduce the workload required to attack large lists of slow, salted hashes.

PasswordResearch.com Note: Video of presentation: https://www.youtube.com/watch?v=5su3_Py8iMQ

Do you have additional information to contribute regarding this research paper? If so, please email siteupdates@passwordresearch.com with the details.

<-- Back to Authentication Research Paper Index

[Home] [About Us] [News] [Research]

Copyright © 2019 PasswordResearch.com